International Journal of Advancements in Research & Technology, Volume 3, Issue 5, May-2014
ISSN 2278-7763
189
Detection of Suspicious URLs through Vision Techniques in
Twitter Stream
Prof. Jagadish.P, Prof. Anand.R, Nikitha.R, Abhilasha.A.R
Dept of Computer Science
BMS Institute of Technology
ABSTRACT - The primary intention of
1. INTRODUCTION
WARNINGBIRD is to detect the suspicious
URLs through correlated redirect chain
methodology.
It
will
examine
the
correlated URL redirect chain and tweet
context
Twitter is an online social networking site
that enables users to send and read short 140
characters text messages called tweets.
IJOART
information
to
detect
the
suspicious URLs.
Registered users can read and post tweets
but unregistered users can only read them.
The major goal of the WARNINGBIRD is to
But unfortunately, the problem is when
detect the suspicious URLs. Suspicious
the attackers send different individual
URLs are nothing but the doubtful URLs
suspicious URLs it becomes inefficient to
which
identify the suspicious URLs through the
Malicious
correlated redirect chain methodology as
malwares, phishing etc. Conventional twitter
in this method it starts identifying the
suspicious URL detection system is based
suspicious URLs through the common
on
URLs which were frequently shared.
methodology. It detects the suspicious URLs
In this paper, we propose 3 approaches
for detecting suspicious URLs. Our first
approach is visual content matching
technique, second approach is based on
the creation and delivery details of URLs
and the third approach is through
MAUDE model.
Copyright © 2014 SciResPub.
contains
malicious
elements
correlated
URL
elements.
include
redirect
viruses,
chain
which were frequently shared. It will
examine the correlated URL redirect chain
and tweet context information to detect the
suspicious URLs. But unfortunately, the
problem is when the attackers send different
individual suspicious URLs it becomes
inefficient to implement correlated redirect
IJOART
International Journal of Advancements in Research & Technology, Volume 3, Issue 5, May-2014
ISSN 2278-7763
190
chain to identify the suspicious URLs as in
Authentic User Detection) when a recipient
this
the
receive a tweet, the incoming twitter server
suspicious URLs through the common
will contact the alleged outgoing twitter
URLs which were frequently shared.
server to verify that it sent that specific
method
it
starts
identifying
In this paper, we further improve the
efficiency of detecting the suspicious URLs
in twitter stream by providing 3 approaches.
tweet.
The remainder of the paper is organized as
follows. Section 2 shows the related work on
twitter spam detection. Section 3 shows a
We make following contribution to this
suspicious URL detection system through
paper:-
vision and other techniques.
1.
2. RELATED WORK
We propose our first approach visual
this
In some work, the twitter suspicious URL
approach, we consider some of the features
detection systems were based on account
what
recognize
features. Account features include the twitter
duplication of an original page. To do this
account creation date, no of followers and
we analyze a webpage based on some of its
friends and ratio of tweets containing URLs.
content
matching
the
technique.
In
IJOART
human
does
to
characteristics and based on the way it looks
visually. Specifically, we record a number of
characteristics including the page title text,
number of links, images, forms, iframes,
metatags and logo. By using this visual
content matching technique it can prevent
the web attacks like phishing etc.
In another work, they proposed relation
features based. The two important factors
were
distance
and
connectivity.
They
constructed a twitter graph based on these
two factors distance and connectivity.
However, it allocated more space and took
much time to detect the suspicious URLs.
2. Our second approach is based on creation
of the URL and delivery details of that URL
In another approach, they proposed message
tweet. Here we are finding the suspicious
features based. It was analyzing the lexical
URL based on the date and time the URL
features of the tweets like length of the tweet
was created and its delivery details to whom
and the content of the tweets.
all that URL was delivered.
3. Our third approach is we are developing a
model
called
Copyright © 2014 SciResPub.
MAUDE(Multi
server
IJOART
International Journal of Advancements in Research & Technology, Volume 3, Issue 5, May-2014
ISSN 2278-7763
191
even if are image is resized or rotated. To
3. SUSPICIOUS URL
identify the key points we use SIFT (Scale-
DETECTION SYSTEM
invariant feature transform) algorithm. Each
THROUGH VISION AND
key
OTHER TECHNIQUES
dimensional vector. By using this algorithm
point
is
represented
as
multi-
we can obstruct phishing and other web
Twitter is an online social networking site.
attacks.
User can send and receive the messages.
Messages are called as tweets. The attacker
may send a tweet which contains the
suspicious URL which can cause disaster to
the system. To identify the suspicious URLs
we are proposing three approaches they are:-
SIFT algorithm extracts the key points from
an image. These key points are invariant to
affine
transformation,
scaling
and
illumination. During matching, the key
points of two images are matched. If the
percentage of matched key points is greater
IJOART
a. Visual content matching technique.
b. Based on creation and delivery
than a threshold then that page is considered
as proper web page; otherwise it is a fake
details of the URL.
c. Developing a MAUDE model.
Visual content matching technique
web page.
Based on creation and delivery
details of the URL
Our
first
approach
is
visual
content
matching technique. When a tweet occur we
Our second approach relies on URL creation
Analyze the visual contents like page title
date and time. When the attackers send the
text, number of links, images, forms,
tweet containing suspicious URL. It detects
iframes, metatags, and logo and obtains the
based on the fact on when that URL was
SSL (secure sockets layer) certificate of the
created and to whom all it is delivered at
URL. So by these factors it detects the
that date and time. Based on these factors it
suspicious URLs.
detects the suspicious URLs.
Page title text, number of links, images,
Developing a MAUDE model
forms, iframes, metatags, and logo are used
as key points of a web page. These key
points are robust features that can be kept
Copyright © 2014 SciResPub.
Our third approach is we have built a model
called MAUDE (Multi server Authentic
IJOART
International Journal of Advancements in Research & Technology, Volume 3, Issue 5, May-2014
ISSN 2278-7763
192
User Detection).The basic idea of MAUDE
Twitter Stream”-IEEE TRANSACTIONS
model is when a recipient’s twitter server
ON
receives a tweet; the incoming twitter server
COMPUTING,
will contact the alleged outgoing twitter
JANUARY 2013.
server to verify that it sent that specific
[2]
tweet. If so, the tweet is received and
Butkiewicz, Harsha V. Madhyastha,
processed; otherwise, the tweet is suspicious
and appropriate action is taken e.g. tweet is
thrown into some folder with an explicit
DEPENDABLE
AND
VOL.
Indrajeet
X,
Singh,
Srikanth,V.
SECURE
NO.
Y,
Michael
Krishnamurthy,
SateeshAddepalli
“Twitsper:
Tweeting Privately” IEEE 2013.
alert or even deleted.
[3] H. Kwak, C. Lee, H. Park, and S. Moon,
4. CONCLUSION
“What is Twitter, a social network or a news
media?” in Proc. WWW, 2010.
IJOART
We addressed and specified the problems of
correlated redirect chain methodology in
twitter suspicious URL detection system.
We have discussed the groundwork for a
method and tool that can detect suspicious
URLs. A new method and approach of
[4] G. Stringhini, C. Kruegel, and G. Vigna,
“Detecting spammers on social networks,”
in Proc. ACSAC, 2010.
[5] J. Kiss, “Twitter Reveals It Has 100m
Active Users,” Guardian, 8 Sept. 2011.
detecting suspicious URLs in twitter is
proposed to prevent the system from web
attacks and to have a safer communication
with enhanced security. And we also gained
critical insight into how to effectively and
efficiently find suspicious URLs.
5. REFERENCES
[1] Sangho Lee, Student Member, IEEE, and
Jong
Kim,
“WARNINGBIRD:
Member,
A
Near
IEEE
Real-time
Detection System for Suspicious URLs in
Copyright © 2014 SciResPub.
IJOART